Ransomware, Critical Infrastructure Security

Feds: Interlock ransomware gang ramps up attacks

The Cybersecurity and Infrastructure Security Agency, the FBI, and other federal agencies have warned businesses and organizations in critical infrastructure sectors about escalating attacks by the Interlock ransomware operation following its high-profile targeting of healthcare organizations, according to The Record, a news site by cybersecurity firm Recorded Future.

Interlock, which was first identified in September, leveraged drive-by downloads and the ClickFix social engineering tactic for initial compromise and subsequent delivery of browser update-spoofing malware in opportunistic intrusions, a joint federal cybersecurity advisory noted. Attacks by the group, which was also noted as potentially related to the Rhysida ransomware gang, have also led to the distribution of the Lumma and Berserk information-stealing payloads for credential theft and privilege escalation. The alert comes just days after the FBI disclosed that Japanese law enforcement officials had released a free Phobos ransomware decryption tool.

